<?php
	session_start();

	if(isset($_POST["us"]))
	{
		include("../code/DataProvider.php");
		$us = $_POST["us"];
		$ps = $_POST["ps"];
		
		$sql = "SELECT * FROM nguoidung WHERE tendangnhap = '".$us."' AND matkhau = '".$ps."'";
		$result = DataProvider::ExecuteQuery($sql);
		$row = mysql_fetch_array($result);
		
		if($row != null)
		{
			if($row["maloainguoidung"] == 1)
			{
				$_SESSION["manguoidung"] = $row["manguoidung"];
				$_SESSION["tennguoidung"] = $row["tenguoidung"];
				$_SESSION["maloainguoidung"] = $row["maloainguoidung"];
				
				header("location:index.php");
			}
		}			
	}
	
	//header("location:login.php?err=1");
?>